Chinese Skype Surveillance Trigger Words Uncovered by Researcher

There is one thing that binds the phrases “kinky cinema,” “hired killer,” and “throwing eggs.” If you type any one of them into a special eavesdropping-enabled version of Skype used in China, you could find yourself under surveillance.

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

That’s according to a research project by Jeffrey Knockel, a computer-science graduate student at the University of New Mexico, Albuquerque. As Bloomberg Businessweekreported today, Knockel recently found a way to bypass encryption used by a version of Skype designed specifically for Chinese users, and in doing so uncovered secret keyword lists used in China to monitor Skype users’ communications.

Advertisement

According to the 27-year-old researcher, the software has a built-in surveillance blacklist that scans messages sent between users for specific words and phrases. If a user types one of the offending phrases into the Skype text chat, it triggers an alert—sending a copy back to a centralized computer server and flagging who sent the message and when.

Some of the thousands of terms included on the lists Knockel has compiled, which he updates daily, are predictably political. Translations show they include “student demonstrations,” “oil protest,” “Tiananmen slaughter,” “Amnesty International,” and “Reporters Without Borders.” But there are also a large number that are sex- and pornography-related—like “sex chat,” “live nude chat service,” and “kinky cinema.” Some cover violence, such as “Molotov cocktails” and “hired killer.” And it doesn’t end there. The software scans for references to drugs like ecstasy, methamphetamine, and ketamine—while bizarre terms that translate into English as “ancient horse recipe” and “throwing eggs" could also land users on a watch list. I have no idea what those expressions mean, but they could be code words along the lines of the infamous “grass mud horse”.

The version of Skype used in China is known as Tom-Skype, a joint venture Skype formed in 2005 with majority owner Tom Online, a Hong Kong-based Internet provider. In 2008 the operation was linked to “a huge surveillance system in China that monitors and archives certain Internet text conversations that include politically charged words.” This has prompted Skype, which was purchased by Microsoft in 2011, to come under fire for complicity in censorship and surveillance. An open letter I supported in January called on the company to, among other things, publish information about Tom-Skype and its spying and content-blocking capabilities.

Skype has claimed in previous statements that it is committed to promoting “effective public policies that help protect people’s online safety and privacy.” But the scale of the keyword monitoring built into its Chinese platform calls that into question. I contacted Skype for comment but had not heard back at time of publication. The company issued a statement to Businessweek, saying that its mission “is to break down barriers to communications and enable conversations worldwide. Skype is committed to continued improvement of end user transparency wherever our software is used.”

With a nearly 96 million users in China, Tom-Skype certainly enables conversations. But the software also appears to be aiding an extreme form of mass eavesdropping—especially if the topic of conversation is sex, drugs, politics, or human rights.